Sunday, October 24, 2010

CVE-2010-2883 Stack-based buffer overflow in CoolType.dll in Adobe Reader and
Acrobat 9.3.4 and earlier allows remote attackers to execute arbitrary
code or cause a denial of service (application crash) via a PDF
document with a long field in a Smart INdependent Glyphlets (SING)
table in a TTF font, as exploited in the wild in September 2010.
NOTE: some of these details are obtained from third party information.

Thursday, October 14, 2010

CVE-2010-2883 Stack-based buffer overflow in CoolType.dll in Adobe Reader and
Acrobat 9.3.4 and earlier allows remote attackers to execute arbitrary
code or cause a denial of service (application crash) via a PDF
document with a long field in a Smart INdependent Glyphlets (SING)
table in a TTF font, as exploited in the wild in September 2010.
NOTE: some of these details are obtained from third party information.
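
A triage check for the condition described above, as an added example that is not part of the original post: it walks a TTF's table directory, finds the SING table, and flags a uniqueName field that has no terminator inside its fixed size. The SING layout (a 16-byte header followed by a 28-byte NUL-terminated uniqueName) is an assumption taken from Adobe's glyphlet specification, not from this page, and the sample fonts are constructed.

```python
import struct

# Assumed layout (Adobe SING glyphlet spec, not given on the page): eight
# 16-bit header fields, then uniqueName[28], a NUL-terminated ASCII string.
NAME_OFF, NAME_LEN = 16, 28


def find_table(font: bytes, tag: bytes):
    """Return an sfnt table's bytes, None if absent; ValueError if malformed."""
    if len(font) < 12:
        raise ValueError("short sfnt header")
    (num_tables,) = struct.unpack_from(">H", font, 4)
    for i in range(num_tables):
        rec = 12 + 16 * i
        if rec + 16 > len(font):
            raise ValueError("table directory runs past end of file")
        rec_tag, _sum, off, length = struct.unpack_from(">4sIII", font, rec)
        if rec_tag == tag:
            if off + length > len(font):
                raise ValueError("table data runs past end of file")
            return font[off:off + length]
    return None


def check_sing(font: bytes) -> str:
    """Classify a font as 'no-sing', 'malformed', 'ok' or 'suspicious'."""
    try:
        sing = find_table(font, b"SING")
    except ValueError:
        return "malformed"
    if sing is None:
        return "no-sing"
    if len(sing) < NAME_OFF + NAME_LEN:
        return "malformed"
    name = sing[NAME_OFF:NAME_OFF + NAME_LEN]
    # Without a terminator inside the field, a C-style string copy of
    # uniqueName would keep reading into the rest of the table.
    return "ok" if b"\x00" in name else "suspicious"


def build_font(unique_name: bytes) -> bytes:
    """Constructed sample: minimal sfnt holding a single SING table."""
    sing = bytes(NAME_OFF) + unique_name.ljust(NAME_LEN, b"\x00") + bytes(17)
    header = struct.pack(">IHHHH", 0x00010000, 1, 0, 0, 0)
    record = struct.pack(">4sIII", b"SING", 0, len(header) + 16, len(sing))
    return header + record + sing


if __name__ == "__main__":
    print(check_sing(build_font(b"glyphlet-0001")))  # constructed benign name
    print(check_sing(build_font(b"A" * 60)))  # constructed over-long field
```

The check expects raw font bytes, so a font embedded in a PDF has to be extracted and decompressed from its stream first.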

We inform you of an event and expect your kindly opinions. On October 4th-5th 2010, the IFANS Conference on Global Affairs in 2010, "Nuclear Challenges and Responses in the Century" is hosted by the Institute of Foreign Affairs and National Security (IFANS) and the Presidential Council for Future and Vision (PCFV), and is organized by the Institute of Foreign Affairs and National Security (IFANS), ROK.

At the conference, in-depth discussion is expected among international and Korean experts and turn-out policy recommendations in terms of three subjects. The sessions and programs were attached to a file "Conference Information.pdf".

Strings (yes, "C:\Documents and Settings\Mila\Desktop\Conference Information_2010 IFANS Conference on Global Affairs (1001).pdf" is not an accidental paste; it is in the file, a path inserted from the original location of the PDF).

C:\windows\system32\form.ocx is the same string as the file it tried to download; see the pcap screenshot below.

Malware samples are available for download by any responsible whitehat researcher. By downloading the samples, anyone waives all rights to claim punitive, incidental and consequential damages resulting from mishandling or self-infection.